Infostealing Malware Hidden in Software Productivity Tools

Updated on July 5, 2024


An India-based software vendor, Conceptworld Corporation, unintentionally distributed information-stealing malware within its primary software products in June. The affected tools include Notezilla, a sticky notes app; RecentX, a tool for managing recently used files, folders, applications, and clipboard data; and Copywhiz, a file copying, organizing, and backup tool.


Researchers from Rapid7 discovered that the installation packages for these products had been compromised and carried rudimentary infostealing malware, dubbed dllFake. Rapid7 informed Conceptworld on June 24, and the company promptly removed the malicious installers, replacing them with legitimate, signed copies within 12 hours.

The attackers managed to integrate their malware with the legitimate software installers, likely by exploiting vulnerabilities on the vendor’s web servers to swap the files. The resulting packages were unsigned and slightly larger than expected, but users would only see the legitimate installer pop-up, hiding any immediate signs of the malware.

dllFake, part of a previously unidentified malware family active since January, can steal information from cryptocurrency wallets and browsers like Google Chrome and Mozilla Firefox. It also logs keystrokes and clipboard data and can download and execute further payloads. Despite its effectiveness, the malware shows a low level of sophistication, using plaintext indicators and batch scripts.

Users are advised to treat all software downloads, especially free ones, with caution. Verification methods include comparing file sizes, checking signature validation and hash reputation, and using freely available sandboxes to observe software behavior.
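The size, hash and signature checks mentioned above, as an added example (not code from this article, Rapid7 or Conceptworld). It assumes the vendor publishes an expected size and SHA-256 for the installer; the function names and the sample bytes are constructed for illustration, and the signature check only detects whether an embedded Authenticode signature is present, not whether it validates.

```python
import hashlib
import struct

CERT_TABLE_INDEX = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY in the PE optional header

def has_embedded_signature(data: bytes) -> bool:
    """True if the PE Certificate Table entry points at data inside the file.
    Presence only: this does not validate the signature or its certificate chain."""
    try:
        if data[:2] != b"MZ":
            raise ValueError("not a PE file")
        pe = struct.unpack_from("<I", data, 0x3C)[0]      # e_lfanew
        if data[pe:pe + 4] != b"PE\0\0":
            raise ValueError("not a PE file")
        opt = pe + 24                                     # after PE signature + COFF header
        magic = struct.unpack_from("<H", data, opt)[0]
        dirs = opt + {0x10B: 96, 0x20B: 112}[magic]       # PE32 / PE32+ directory offset
        if struct.unpack_from("<I", data, dirs - 4)[0] <= CERT_TABLE_INDEX:
            return False                                  # directory slot not present
        offset, size = struct.unpack_from("<II", data, dirs + 8 * CERT_TABLE_INDEX)
    except (struct.error, KeyError) as exc:
        raise ValueError("truncated or malformed PE header") from exc
    return offset > 0 and size > 0 and offset + size <= len(data)

def check_installer(data: bytes, expected_size: int, expected_sha256: str) -> list[str]:
    """Return findings; an empty list means all three checks passed."""
    findings = []
    if len(data) != expected_size:
        findings.append(f"size {len(data)} differs from published {expected_size}")
    if hashlib.sha256(data).hexdigest() != expected_sha256.lower():
        findings.append("SHA-256 differs from published value")
    if not has_embedded_signature(data):
        findings.append("no embedded Authenticode signature")
    return findings

def sample_pe(signed: bool, padding: int = 0) -> bytes:
    """Constructed minimal PE32+ header for the demo, not a real installer."""
    buf = bytearray(0x200)
    buf[:2] = b"MZ"
    struct.pack_into("<I", buf, 0x3C, 0x80)               # e_lfanew -> 0x80
    buf[0x80:0x84] = b"PE\0\0"
    opt = 0x80 + 24
    struct.pack_into("<H", buf, opt, 0x20B)               # PE32+ magic
    struct.pack_into("<I", buf, opt + 108, 16)            # NumberOfRvaAndSizes
    buf += b"\0" * padding                                # stand-in for extra appended bytes
    if signed:
        struct.pack_into("<II", buf, opt + 112 + 32, len(buf), 64)
        buf += b"\x01" * 64                               # stand-in certificate blob
    return bytes(buf)
```

Calling `check_installer` on `sample_pe(signed=False, padding=4096)` with the size and hash of `sample_pe(signed=True)` returns all three findings, matching the "unsigned and slightly larger" pattern described above. On Windows, follow a presence check like this with full signature validation before trusting the file.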

Ensuring the legitimacy of software downloads is crucial to protect against hidden malware threats.


Abdul Rehman

Abdul is a tech-savvy, coffee-fueled, and creatively driven marketer who loves keeping up with the latest software updates and tech gadgets. He's also a skilled technical writer who can explain complex concepts simply for a broad audience. Abdul enjoys sharing his knowledge of the Cloud industry through user manuals, documentation, and blog posts.
